Re: commit "ITS#8226 limit size of read txns in searches" has a bug



Леонид Юрьев wrote:
Hi, Howard.

wwctx.txn may be uninitialized, see lines 712-720 of back-mdb/search.c
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=servers/slapd/back-mdb/search.c;h=502312add20f305cb62083a88610aaaf2a2d652c;hb=21bf33b0e8e044d6722a9c3ef4a3961d71465d77#l713

And therefore mdb_rtxn_snap() may segfault when called from line 1127.
http://www.openldap.org/devel/gitweb.cgi?p=openldap.git;a=blob;f=servers/slapd/back-mdb/search.c;h=502312add20f305cb62083a88610aaaf2a2d652c;hb=21bf33b0e8e044d6722a9c3ef4a3961d71465d77#l1127

I think one of the following should be done:
- wwctx should be initialized completely at 712;
or
- an additional condition should be checked at 1123-1125.

Thanks, you're right. If the current operation doesn't own the transaction (e.g. search called while evaluating the ACL in some other operation) then it must leave the transaction alone. Fixed now.

--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/
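
Added example, not part of this thread and not OpenLDAP's code: a minimal C model of the bug class discussed above, combining both remedies from the report (full initialization of the context, plus an ownership check before the transaction is touched). All type and function names, and the refresh threshold, are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-ins, not OpenLDAP or LMDB types. */
typedef struct txn { int snaps; } txn;

typedef struct search_ctx {
    txn *t;             /* meaningful only when owns_txn is set */
    int owns_txn;       /* did this operation open the transaction? */
    unsigned nentries;  /* entries handled since the last refresh */
} search_ctx;

/* Remedy 1: define every field at setup, whichever branch is taken. */
static void ctx_init(search_ctx *c, txn *t, int owns_txn) {
    memset(c, 0, sizeof *c);
    c->owns_txn = owns_txn;
    if (owns_txn)
        c->t = t;
}

/* Remedy 2: check ownership before touching the transaction.
 * Returns 1 when the snapshot was refreshed, 0 otherwise. */
static int maybe_snap(search_ctx *c, unsigned limit) {
    if (!c->owns_txn || c->t == NULL)
        return 0;       /* borrowed txn: leave it alone */
    if (++c->nentries < limit)
        return 0;
    c->nentries = 0;
    c->t->snaps++;
    return 1;
}

/* Walk n entries and report how many refreshes happened. */
int run_search(txn *t, int owns_txn, unsigned n, unsigned limit) {
    search_ctx c;
    int refreshed = 0;
    ctx_init(&c, t, owns_txn);
    for (unsigned i = 0; i < n; i++)
        refreshed += maybe_snap(&c, limit);
    return refreshed;
}

int main(void) {
    txn own = {0}, borrowed = {0};
    printf("owner: %d refreshes\n", run_search(&own, 1, 10, 3));
    printf("nested: %d refreshes\n", run_search(&borrowed, 0, 10, 3));
    return 0;
}
```

Building with `-Wall -Wextra` and running under a memory sanitizer helps catch a context field that is read on a path where it was never written.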